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EXAMINER'S ANSWER 



This is in response to the appeal brief filed 5 June 2006 appealing fi"om the Office action mailed 
.10 August 2005. 
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(1) Real Party in Interest 

GetThere Inc. 

(2) Related Appeals and Interferences 

The statement of the status of related appeals and/or interferences is correct. 

(3) Status of Claims 

The statement of the status of the claims contained in the brief is correct. 

(4) Status of Amendments After Final 

The statement of the status of after final amendments in the brief is correct. 

(5) Summary of Invention 

The summary of invention contained in the brief is correct. 

(6) Issues 

The appellant's statement of issues in the brief is correct 

(7) Claims Appealed 

The copy of the appealed claims contained in the Appendix to the brief is correct. 

(8) Prior Art of Record 

6,453,353 Win et al. 17 September 2002 

6, 144,959 Anderson et al. 07 November 2000 

(9) Grounds of Rejection 

The following grounds of rejection are appUcable to the appealed claims: 
Claims 1-4, 7-14, 17-22 are rejected under 35 U.S.C. 102(e) as being anticipated by Win et al. 
U.S. Patent No, 6,453,353 (hereinafter '353). 
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Regarding claim 1, as per the first limitation of independent claim 1, "A method of 
performing multiple user authentications with a single sign-on, comprising: performing a first 
user authentication; selecting a remote server subsequent to said first authentication" is taught in 
'353 col. 5, line 65 through col. 6, line 16. 

As per the second limitation, "sending a token to said remote server containing 
authentication information responsive to said first authentication, wherein the token also contains 
information regarding an account for the user including" and "decoding said authentication 
information, wherein said decoding said authentication information induces a second user 
authentication" is shown in '353 col. 6, lines 58-65 "When the user selects a resource, the 
browser sends and open URL request and cookie to a Protected Web Server. A Protected Web 
Server is a web server with resources protected by the Runtime Module. The Runtime Module 
decrypts information in the cookie and uses it to verify that the user is authorized to access the 
resource. The cookie is also used by the resource to return information that is customized based 
on the user's name and roles". 

As per the third limitation, "at least one of a new account for the user and an update to an 
existing account for the user" is disclosed in '353 col. 13, Unes 22-53. (Note, all arguments focus 
on this function, which defined in '353 and which can be done at anytime , i.e. "repeated at any 
desired time", the cookies or token would be updated at this time) 

Regarding claim 2, "wherein said sending includes sending said token within a universal 
resource locator" is disclosed in '353 col. 6, lines 58-65. 

Regarding claim 3, "wherein said token includes a timestamp" is taught in '353 col. 6, 
lines 47-53. 
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Regarding claim 4, "wherein said token is encrypted" is shown in '353 col. 6, 
lines 58-65. 

Regarding claim 7, "wherein the information regarding an account for the user in said 
token includes user profile update information" is taught in '353 col. 11, 
lines 21-32. 

Regarding claim 8, "wherein said remote server updates a user profile in response to said 
user profile update information" is taught in '353 col. 1 1, lines 21-32 

Regarding claim 9, "wherein said first user authentication occurs within an Intranet" is 
shown in '353 col. 4, lines 50-67. 

Regarding claim 10, "wherein said second user authentication occurs within said remote 
server" is disclosed in '353 col. 21, lines 8-28 and col. 17, lines 27-37 

Regarding claim 11, this claim is directed to a system implementing the method of 
claim 1 and it is rejected along similar rationale. 

Regarding claim 21, this claims is directed to a system implementing the method of 
claim 1 and is rejected along similar rationale. 

Regarding claims 12-14, 17-20, and 22, these claims all stand or fall with 
claims 2-4, 7-11, and 21. 

Claims 5, 6, 15 and 16, are rejected under 35 U.S.C, 103(a) as being unpatentable over 
'353 in further view of Anderson et al. U.S. Patent No. 6,144,959 (hereinafter '959). The 
motivation to combine these references as indicated in the previous office action modification is 
to permit an administrator to manage user accounts see '959 col. 4, lines 20 et seq. "The 
invention includes a system for authenticating a user to multiple systems. In addition, the system 
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authenticates to a client workstation in a manner transparent to the user, and generates a user 
account on the client workstation if the user account does not exist. Further, the system provides 
a workstation object to a directory services database, permitting a network administrator to 
efficiently manage client workstation accounts". 

Regarding claim 5, "wherein the information regarding an account for the user in said 
token includes a new user flag" is taught in '959 col. 7, Une 62 through coL 8, line 23 "The 
Win32 API includes a number of functions for performing operations with credential 
information. The Win32 API includes the NetUserAdd function used to create a new user on a 
local Windows NT workstation. The NetUserAdd function accepts a number of parameters. A 
first parameter specifies in which domain a user account is created. When the value of the 
parameter supplied by a program is null, the NetUserAdd function creates a user on the local 
workstation within the local access database 203. Another parameter includes a number of sub- 
parameters such as username and password, wherein the username is the name of a new user to 
be created and the password is a password to be assigned to the new user". 

Regarding "wherein said remote server creates a new user account in response to said 
new user flag" is shown in '959 col. 7, line 62 through col. 8, line 23. 

Regarding claims 15 and 16, these claims stand or fall with claims 5 and 6, 
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(10) Response to Arguments 

Regarding Appellant's argument 1, on page 7, "In contrast to cited reference the claims 
indicate: (a) performing multiple user authentication (b) selecting remote server (c) sending 
token to remote server (d) including a least one of a new account or update 
The grounds of rejection stand this is all shown in the cited reference: 

Win discloses (a) multiple user authentication in col. 5, line 65 through col. 6, line 16, 
(i.e. "users"). 

Win discloses (b & c) selecting a remote server and sending token to remote server in 
col. 6, lines 58-65 note tokens are interpreted to be equivalent to cookies. 

Win discloses (d) including at lest one of a new account or update in col. 13, lines 45-67 
and col. 11, lines 22-32 (note: "defining roles, and creating profiles for roles and person. The 
inventory step involves listing all existing and planned resources for which protection and 
controlled access is desire. For each resource, access privileges, roles, and function groups are 
identified. These steps are carried out once initially to estabUsh system 2, and may be repeated 
at any desired tim e to integrate additional roles, user types, and resources into the system". 

Regarding Appellant's argument 2, on page 8, "While Win disclosed SSO, Win does not 
disclose sending a token to a remote server that contains authentication information. 

The grounds of rejection stand this is the same argument the above shows Win delivering 
a token with authentication information in col. 6, Hnes 58-65. 

Regarding Appellant's argument 3, on pages 9-10, "Therefore, updated information is not 
included with the cookies since updating occurs at the Access Server or Registry Server (see 



Application/Control Number: 09/51 8,583 Page 7 

Art Unit: 2134 

Figures 1 and 4 or Win). Similarly, Win does not disclose that the cookies contain information 
regarding a new account for the user. Simply providing the capability to update or add a new 
account is significantly different than providing information regarding a new account or an 
update to an existing account with a token to a remote sever, as recited by the claimed invention 
. . . This is unlike the claims of the present appUcation, as described above, in which token 
reflective of new or updated user account information are sent to a remote server. In this regard, 
Win nowhere discloses that the cookies contain information regarding an update to an existing 
account or information regarding a new account". 

The grounds of rejection stand Win discloses delivering update or new account 
information see in addition review Win columns 9 through column 20 for more details how user 
profiles and roles can be created. Also see col. 9, Unes 33-45 for an explanation how the 
authentication client module enable users to begin and end authenticated session and change 
their account profiles. See col. 11, lines 21-26 for an explanation of the profile management 
service for changing the password. See col 13, lines 8-16 for how an administration application 
can create, delete, modify user, resource, and role records. Win further discloses retrieving 
profile information that comprises information such as IP address, user's name, and information 
defining a user's role, this information is added to the cookie, see col. 10, Unes 43-55. One of 
ordinary skill would recognize that since the profile information is added to the cookie, any 
modifications, changes or new account information would be reflected by the profile information 
since Win teaches creation, modification, etc. . . See col. 19, Unes 6-34 how roles can be selected 
and assigned. 
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Appellants fourth argument on page 12, "Combination with Anderson et al, does not 
show the updating or creating new account". 

The grounds of rejection stand Win discloses delivering update or new account 
information see col 13, lines 45-67. 

Appellant's fifth argument on page 12, "Combination of references does not teach new 
user flag". 

The grounds of rejection stand Anderson shows see col. 7, line 62 through col. 8, line 23 
'a new user flag' is considered to be equivalent to 'null parameter sent'. 

(11) Related Proceeding(s) Appendix 

No decision rendered by a court or the Board is identified by the examiner in the Related 
Appeals and Interferences section of this examiner's answer. 

For the above reasons, it is believed that the rejections should be sustained. 



Respectfully submitted. 




Patent Examiner 
Technology Center 2134 
28 July 2006 



Conferences: 
Chris Revak 



CHRISTOPHER REVAK 
PRIMARY EXAMINER 




